Main menu

Post navigation

Operational Intelligence: What Does It Really Mean? And Does Your Log Wear A Stash?

One of the things I try to do here on my blog is cut through the red tape, BS, smoke and mirrors, or whatever other obstacle you may encounter when trying to learn about the ongoing gibberish, er, I mean lingo, in today’s IT world. As you may have read in my previous blog, I was talking about DevOps, what it is, and what it is not. In this post, I’m going to focus on another tech-world buzz word: Operational Intelligence, or OpIntel, as I refer to it.

Being a former employee of the Wall Street darling tech company whose name rhymes with flunk, I may know a thing or two about the concept of OpIntel; however, my best experience with this term comes from the military, and my years serving in the Corps. In lay terms, I would define OpIntel as any measurable, quantifiable, or pertinent data that allows you to better understand what your organization is accomplishing, how efficient it is, and how to make it better. Of course, there are the much drier definitions which you will find at places like Wikipedia, About.com, and/or one of the bazillion OpIntel based companies or research firms out there; and yes, bazillion is a technical term. Obviously, this term takes on a different persona depending on the situation you’re in.

If you’re a US Marine is an active theater, your OpIntel is going concern the number of boots you have on the ground, in-progress operations, estimated time of completion, as well as a slew of other data points. However, if you are a Systems Engineer working at a tech startup, your OpIntel will probably consist of data coming from logs concerning your systems, applications, and environment. In either case, your OpIntel is what empowers you to make decisions on how to best deal with your situation.

Given the fact that my blog is of the technical nature, I’m fairly certain anyone reading this article is probably looking for info on how to facilitate OpIntel in a technical environment. Fortunately, there is no single right way to do this. OpIntel in the technical world is usually driven by machine, operating system, or application generated data. This data is usually created in the form of some type of log, and normally, a fairly large quantity of logs; this is where the term Big Data starts to take place, but that is a blog entry all of it’s own. To be able to truly capitalize on this, you will need a platform that can help manage this data. The data will need to be stored, parsed, and indexed so that it can be searched and alerted upon. Of course, I would thoroughly recommend that you do your own research and come to your own conclusion as to which platform you choose to meet your OpIntel needs. However, given my love of all things open source, I’m definitely going to leave you with at least one recommendation here.

Drumroll please! My recommendation for an OpIntel/log management platform would most definitely be LogStash. There are many reasons I recommend this platform, but the first and foremost is that it’s a true open source offering, which means it’s both free as in freedom, and free as in beer; I have a sincere affection for anything open source. It’s also the only true open source competitor for the company for which I use to work that lives in the OpIntel arena. Jordan Sissel, the LogStash project leader, and what I assume is a team of developers, although it could just be Jordan, have been working hard to produce a truly open source, log management platform; and I think they’ve done a bang up job. Also, another reason I recommend LogStash over the other options out there is that, outside of the previous unmentioned company, the rest of the players in this space are mostly SaaS based offerings. When you start playing in the SaaS arena, there is a completely different list of requirements and attributes you need to consider. Stay tuned to my blog for the next episodes which will address Big Data and SaaS-based OpIntel and log management vendors.